Security: RAM scraper

The best way to detect a RAM scraper is through regular monitoring of traffic and critical files, plus log analysis, experts say. The following eight tips for protecting against RAM scraping are gleaned from the Verizon report:

* Maintain a strong firewall and antivirus presence, with logging and review. Keep the RAM scrapers (and other malware) out.

* Regularly confirm the integrity of your host intrusion detection systems.

* Monitor disk activity and keep an eye out for file creation in Windows system and temp subfolders.

* Monitor critical file activity. .exe files such as RAM scrapers will be flagged when executed.

* Tighten server credentials. There’s no excuse for default admin credentials on a home computer, much less on systems that process financial transactions.

* Bear in mind that end-to-end encryption doesn’t include the clear-data processes at the end-points.

* Deny, if possible, admin-level credentials to POS and POS support vendors and reset vendor credentials and settings.

* Minimize and test the persistence of data in volatile memory. Just because the specs say data persists for a millisecond doesn’t make it true.
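
One way to act on the disk-activity and critical-file tips above, as an added example that is not from the article or the Verizon report: take a baseline of executables under the watched folders, then report anything created or changed since. The folder list, extension set and function names are assumptions.

```python
import hashlib
import os

# Assumed watch list (not from the article): adjust to the host being monitored.
WATCH_ROOTS = [r"C:\Windows\System32", r"C:\Windows\Temp"]
EXEC_EXTS = {".exe", ".dll", ".sys", ".scr", ".bat", ".cmd", ".ps1", ".vbs"}

def fingerprint(path):
    """SHA-256 of the file if it looks executable, else None."""
    # Executable = known extension OR a PE 'MZ' header, so a binary
    # written under an unrelated extension is still recorded.
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        head = fh.read(2)
        if os.path.splitext(path)[1].lower() not in EXEC_EXTS and head != b"MZ":
            return None
        digest.update(head)
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def snapshot(roots):
    """Map path -> SHA-256 for every executable file under the watched roots."""
    seen = {}
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    digest = fingerprint(path)
                except OSError:
                    continue  # locked or vanished file: skip, keep scanning
                if digest is not None:
                    seen[path] = digest
    return seen

def diff(baseline, current):
    """Return (created, modified) executable paths since the baseline, sorted."""
    created = sorted(p for p in current if p not in baseline)
    modified = sorted(p for p in current if p in baseline and current[p] != baseline[p])
    return created, modified

if __name__ == "__main__":
    before = snapshot(WATCH_ROOTS)
    input("Baseline taken; press Enter to rescan...")
    for label, paths in zip(("CREATED", "MODIFIED"), diff(before, snapshot(WATCH_ROOTS))):
        for path in paths:
            print(label, path)
```

In practice the baseline would be stored off-host and the rescan scheduled, so that a compromised machine cannot rewrite its own reference hashes.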

It’s a good practice to extend monitoring and log analysis to all RAM-equipped devices in the business. You could be surprised at how much data is sitting in the RAM of your network printers, for instance.
